Apple's new "inactivity reboot" in iOS 18.1 frustrates law enforcement's access to iPhones

iOS 18.1's 'inactivity reboot' complicates law enforcement's access to iPhones.

: Apple's iOS 18.1 introduces an 'inactivity reboot' feature that reboots iPhones after four days of inactivity, complicating law enforcement access. Developed within the Hasso Plattner Institute, this new feature is in keybagd and the AppleSEPKeyStore kernel extension, bypassing phone/wireless network involvement. Apple aims to deter theft by adding this extra security layer, while law enforcement faces challenges in accessing devices for investigations.

The newly released iOS 18.1 by Apple includes an 'inactivity reboot' feature that reboots iPhones after four days of no activity. This move is intriguing as it complicates the ability of law enforcement to access devices for data extraction in investigations, which has been a point of contention regarding Apple's security policies.

Hasso Plattner Institute's Jiska Classen identified the feature's mechanism within keybagd and the AppleSEPKeyStore kernel extension. It functions independently of the phone's wireless network status, suggesting a refined approach in Apple’s ongoing efforts to protect users' data from theft and unauthorized access.

This feature places a time limit on thieves looking to exploit stolen iPhones, potentially shifting criminal focus to less secure devices. Despite the difficulties faced by law enforcement, Apple's consistent stance on not compromising device security for investigations is clear, aligning with its objective to protect legitimate users from the consequences of theft.